book

CEH Certified Ethical Hacker Cert Guide, 4th Edition

by Michael Gregg, Omar Santos

February 2022

Intermediate to advanced

752 pages

19h 37m

English

Pearson IT Certification

Read now

Unlock full access

How to Use This BookCompanion WebsitePearson Test Prep Practice Test SoftwareGoals and MethodsWho Should Read This Book?Strategies for Exam PreparationHow This Book Is Organized
“Do I Know This Already?” QuizFoundation TopicsSecurity FundamentalsSecurity TestingCyber Kill ChainHacker and Cracker DescriptionsEthical HackersTest Plans—Keeping It LegalEthics and LegalitySummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsThe Hacking ProcessThe Ethical Hacker’s ProcessInformation Security Systems and the StackSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsFootprintingScanningSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsEnumerationSystem HackingSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExerciseReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsSocial EngineeringMalware ThreatsVulnerability AnalysisSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsCommand Reference to Check Your MemoryExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsSniffersSession HijackingDenial of Service and Distributed Denial of ServiceSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsWeb Server HackingWeb Application HackingDatabase HackingSummaryExam Preparation TasksReview All Key TopicsExerciseReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsWireless and Mobile Device TechnologiesWi-FiSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsIntrusion Detection and Prevention SystemsFirewallsHoneypotsSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsCryptography History and ConceptsEncryption AlgorithmsPublic Key InfrastructureEmail and Disk EncryptionCryptoanalysis and AttacksSecurity Protocols and CountermeasuresSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsExercisesReview QuestionsSuggested Reading and Resources
“Do I Know This Already?” QuizFoundation TopicsCloud ComputingIoTBotnetsSummaryExam Preparation TasksReview All Key TopicsDefine Key TermsReview QuestionsSuggested Reading and Resources
Hands-on ActivitiesSuggested Plan for Final Review and StudySummary
Always Get the Latest at the Book’s Product PageTechnical Content

Content preview from CEH Certified Ethical Hacker Cert Guide, 4th Edition

Chapter 7

Web Server Hacking, Web Applications, and Database Attacks

This chapter covers the following topics:

Web Server Hacking: Because they are available to anyone with an Internet connection, web servers are a constant target of attackers.
Web Application Hacking: Application developers have an important job in that they must verify all data and understand that all input/output and processed data must be validated because organizations rely heavily on modern web applications.
Database Hacking: SQL injection has been one of the most common attacks for years. It takes advantage of unvalidated input and potentially can give attackers access to sensitive data (even credit card numbers).

Web-based applications are everywhere. You can find ...